<?php

error_reporting(7);


if ($_GET['action'] == "add") {
	$template_name = "role_add.htm";
        require "common.php";
	# START 检查权限 
	if (!$perm->check_permission(ROLE, ROLE_ADD_ROLE)) {
		display_nopermission();
	}
	# END 检查权限
	foreach ($PERMISSIONS as $group_id=>$v) {
		$p_group_option = '';
	 	
	 	$result = array();
	 	$result['title'] = $P_GROUP[$group_id];
	 	
	 	$size = count($v);
        	$p_group_option = "<select name=\"p_group[$group_id][]\"  size=\"$size\" multiple style=\"width: 300px;\">";
        	foreach ($v AS $permission_id => $desc) {
	        	$p_group_option .= "<option value='".$permission_id."'> $desc </option>\n";
        	}
        	$p_group_option .= "</select>";
         	$result['option'] = $p_group_option;

                $tpl->append("p_group", $result);
        }
        $tpl->output();
}


if ($_POST['action'] == "insert") {
	require "common.php";
	# START 检查权限 
	if (!$perm->check_permission(ROLE, ROLE_ADD_ROLE)) {
		display_nopermission();
	}
	# END 检查权限
        $title = html_trim($_POST[title]);
        if (empty($title)) {
        	display_error("用户组名不能为空！");
        }

        $sql = "INSERT INTO roles SET
			title='".addslashes($title)."',
                        createdate='".time()."',
			lastupdate='".time()."'
			";
	$DB->query($sql);
	$role_id2 = $DB->insert_id();

        $DB->query("DELETE FROM roles2permission WHERE role_id='$role_id'");

	if ($_POST['p_group']) {
		foreach ($_POST['p_group'] AS $group_id => $permission) {
			$accessmask = $perm->create_accessmask($group_id, $permission);
			$sql = "INSERT INTO roles2permission SET
					role_id='$role_id2',
					group_id='$group_id',
		                        mask='$accessmask'
					";
			$DB->query($sql);
		}
	}
	redirect("./role.php?action=view","添加成功！");
}

if ($_GET[action]=="edit") {
	$template_name = "role_edit.htm";
	require "common.php";
	# START 检查权限 
	if (!$perm->check_permission(ROLE, ROLE_EDIT_ROLE)) {
		display_nopermission();
	}
	# END 检查权限

        $role_id = intval($_GET['role_id']);
        $role = $DB->query_first("SELECT * FROM roles WHERE id='$role_id'");
        if (!$role) {
        	display_error("该用户组不存在或已被删除！");
        }
        $tpl->assign($role);

        foreach ($PERMISSIONS as $group_id=>$v) {
		$p_group_option = '';
	 	
	 	$result = array();
	 	$result['title'] = $P_GROUP[$group_id];
	 	
	 	$size = count($v);
        	$p_group_option = "<select name=\"p_group[$group_id][]\"  size=\"$size\" multiple style=\"width: 300px;\">";
        	foreach ($v AS $permission_id => $desc) {
			if ($perm->check_permission($group_id, $permission_id)) {
	                      	$selected = " selected ";
			} else {
	                	$selected = "";
			}
	        	$p_group_option .= "<option value='".$permission_id."' $selected> $desc </option>\n";
        	}
        	$p_group_option .= "</select>";
         	$result['option'] = $p_group_option;

                $tpl->append("p_group", $result);
        }
	$tpl->output();
}



if ($_POST[action] == "update") {
	require "common.php";
	# START 检查权限 
	if (!$perm->check_permission(ROLE, ROLE_EDIT_ROLE)) {
		//display_nopermission();
	}
	# END 检查权限
	$role_id = intval($_POST[role_id]);
        $title = html_trim($_POST[title]);
        if (empty($title)) {
        	display_error("用户组名不能为空！");
        }

        $sql = "UPDATE roles SET
			title='".addslashes($title)."',
			lastupdate='".time()."'
			WHERE id='$role_id'
			";
	$DB->query($sql);


        $DB->query("DELETE FROM roles2permission WHERE role_id='$role_id'");

        if ($_POST['p_group']) {
		foreach ($_POST['p_group'] AS $group_id => $permission) {
			$accessmask = $perm->create_accessmask($group_id, $permission);
			$sql = "INSERT INTO roles2permission SET
					role_id='$role_id',
					group_id='$group_id',
		                        mask='$accessmask'
					";
			$DB->query($sql);
		}
	}
	redirect("./role.php?action=view", "更新成功！");
}


if ($_GET[action]=="remove") {
	require "common.php";
	# START 检查权限 
	if (!$perm->check_permission(ROLE, ROLE_REMOVE_ROLE)) {
		display_nopermission();
	}
	# END 检查权限

	$role_id = intval($_GET['role_id']);
	$DB->query("DELETE FROM roles WHERE id='$role_id'");
	$DB->query("DELETE FROM roles2permission WHERE role_id='$role_id'");
	$DB->query("DELETE FROM admins WHERE role_id='$role_id'");
        redirect("./role.php?action=view", "删除成功！");
}

if ($_GET[action]=="view") {
	$template_name = "role_view.htm";
	require "common.php";
	# START 检查权限 
	if (!$perm->check_permission(ROLE, ROLE_VIEW_ROLE)) {
		display_nopermission();
	}
	if (!$perm->check_permission(ROLE, ROLE_REMOVE_ROLE)) {
		define('CAN_ROLE_REMOVE_ROLE', 0);
	} else {
		define('CAN_ROLE_REMOVE_ROLE', 1);
	}
	# END 检查权限
	$sql = "SELECT rl.*, count(ad.adminid) AS num 
			FROM roles rl 
			LEFT JOIN admins ad 
				ON ad.role_id = rl.id 
			GROUP BY rl.id 
			ORDER BY id ASC
			";
	$roles = $DB->query($sql);
	while ($role = $DB->fetch_array($roles)) {
                $role[createdate] = date("Y-m-d",$role[createdate]);
                $role[lastupdate] = date("Y-m-d",$role[lastupdate]);
		$role['title'] = $role['title'].' - ('. $role['num'] .')';
		if (CAN_ROLE_REMOVE_ROLE) {
                	$role[removable] = 1;
		} else {
			$role[removable] = 0;
		}
        	$tpl->append("roles",$role);
	}
	$tpl->output();
}

?>
